| |
| |||||||
Log-Analyse und Auswertung: Windows Netzwerk/Sound "deaktiviert" nach Abgesicherten Modus wegen "Launchpage"Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
07.05.2017, 22:43
| #1 |
| |  Windows Netzwerk/Sound "deaktiviert" nach Abgesicherten Modus wegen "Launchpage" Nun, Guten Abend, in meinem Thread für allgemeine Windowsprobleme wurde darauf hingewiesen, hier ein Thread zu starten. Also: Ich habe mir gestern Abend "launchpage" eingefangen, und wollte es relativ normal deinstallieren und mit Malwarebytes reinigen. Nunja, mir wurde gesagt ich solle es im abgesicherten Modus tun (Keine Ahnung warum), also ich habs trotzdem gemacht. Im abgesicherten Modus fiel mir dann auf, dass der Eintrag von launchpage unter Programme und Features verschwunden war. Ich habe Windows im normal Modus gestartet, und mir fiel auf, dass Sound sowie Netzwerkding(lan) komplett deaktiviert sind (Beim Netzwerk "Abhängigkeitsdienst konnte nicht gestartet werden"). Die Treiber sind scheinbar fehlerfrei installiert. Nunja, ich habe länger gegoogelt und bin auf keine Lösung gestoßen.. Außerdem weiß ich nicht, wie ich ein Logfile kriege ohne Internet. Ich werde mich morgen drum kümmern. LG |
|
08.05.2017, 01:23
| #2 |
| /// Malwareteam   | Windows Netzwerk/Sound "deaktiviert" nach Abgesicherten Modus wegen "Launchpage" Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Du kannst FRST auch auf einem anderen PC herunterladen und dann beispielsweise per USB Stick auf den infizierten PC übertragen, genauso mit den Logfiles.
__________________ |
|
08.05.2017, 14:52
| #3 |
| | Windows Netzwerk/Sound "deaktiviert" nach Abgesicherten Modus wegen "Launchpage" Moin,
__________________ich bin mir relativ sicher, dass das Problem nicht durch einen Virus hervorgerufen wird, sondern irgendeinem Fehler; whatever. Aber ich bin kein Profi  Nun, hier die logs: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-05-2017
durchgeführt von Robin (Administrator) auf ROB (08-05-2017 15:32:19)
Gestartet von F:\
Geladene Profile: Robin (Verfügbare Profile: Robin)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRSOOBE.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [1694344 2016-12-13] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-01-16] (Razer Inc.)
HKLM-x32\...\Run: [Kraken0502Launcher] => C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe [1599808 2015-08-14] (Razer Inc)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [912768 2017-05-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28432392 2017-05-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [6311104 2017-05-07] (FNet Co., Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50622080 2016-01-19] (Skype Technologies S.A.)
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\Run: [Spotify Web Helper] => C:\Users\Robin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-29] (Spotify Ltd)
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\Run: [Spotify] => C:\Users\Robin\AppData\Roaming\Spotify\Spotify.exe [7072880 2017-04-29] (Spotify Ltd)
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\Run: [Discord] => C:\Users\Robin\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\Run: [TunnelBear] => C:\Program Files (x86)\TunnelBear\TunnelBear.UI.exe [1054080 2017-03-02] (TunnelBear)
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-03-28] (Nota Inc.)
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\Run: [ASRockRuefi] => [X]
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\MountPoints2: {035cce24-30c4-11e6-9c64-d0509910827b} - "F:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-09-25]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-08-26]
ShortcutTarget: Curse.lnk -> C:\Users\Robin\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
AutoConfigURL: [S-1-5-21-3100462663-2090829469-4100536388-1000] => hxxp://webunstop.biz/wpad.dat?9988d635979b7b58887f1c51e30b8f0330663819
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{560ada6e-f251-4654-90d2-893d76b67d3f}: [DhcpNameServer] 172.18.12.1
Tcpip\..\Interfaces\{d34b6c70-48c4-4358-83ed-42aba1a10db2}: [DhcpNameServer] 192.168.178.1
ManualProxies: 0hxxp://webunstop.biz/wpad.dat?9988d635979b7b58887f1c51e30b8f0330663819
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-26] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\coIEPlg.dll [2013-08-15] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\IPS\IPSBHO.DLL [2013-08-06] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-09] (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\coIEPlg.dll [2013-08-15] (Symantec Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\dnmugwk5.default-1480449891977 [2017-05-07]
FF Extension: (Disable TLS Certificate Transparency) - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\dnmugwk5.default-1480449891977\features\{af1be8b0-dc1d-4233-8ea2-4c93b366d519}\disable-cert-transparency@mozilla.org.xpi [2017-04-18]
FF Extension: (Disable Prefetch) - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\dnmugwk5.default-1480449891977\features\{af1be8b0-dc1d-4233-8ea2-4c93b366d519}\disable-prefetch@mozilla.org.xpi [2017-04-18]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFFPlgn => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-26] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-27] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-09] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-27] (Adobe Systems)
Chrome:
=======
CHR HomePage: Default -> search.swagbucks.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxp://search.swagbucks.com/?f=51&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Swagbucks Search
CHR DefaultSuggestURL: Default -> hxxp://search.swagbucks.com/?f=51&q={searchTerms}
CHR Profile: C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default [2017-05-07]
CHR Extension: (Google Präsentationen) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-11]
CHR Extension: (Google Docs) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-11]
CHR Extension: (Google Drive) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-11]
CHR Extension: (YouTube) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-11]
CHR Extension: (Google Tabellen) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-11]
CHR Extension: (Google Docs Offline) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-11]
CHR Extension: (Norton Identity Protection) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2017-05-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Swagbucks Search) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnegnghjbbaaojdkcdgmdehpakckeekb [2016-10-02]
CHR Extension: (Google Mail) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-11]
CHR Extension: (Chrome Media Router) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-27]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\Exts\Chrome.crx [2017-05-07]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
S4 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-05-04] (Avira Operations GmbH & Co. KG)
S4 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-05-04] (Avira Operations GmbH & Co. KG)
S4 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-05-04] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-05-04] (Avira Operations GmbH & Co. KG)
S4 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350120 2017-04-11] (Avira Operations GmbH & Co. KG)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-11-11] ()
S4 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-12-13] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-12-13] (BlueStack Systems, Inc.)
S4 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-12-13] (BlueStack Systems, Inc.)
S4 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2016-03-13] (Microsoft Corporation)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-25] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-25] (Dropbox, Inc.)
S4 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-05-01] (Dropbox, Inc.)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-17] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [389392 2016-11-02] (EasyAntiCheat Ltd)
S4 iprip; C:\WINDOWS\System32\iprip.dll [35328 2016-03-13] (Microsoft Corporation)
S4 LPDSVC; C:\WINDOWS\system32\lpdsvc.dll [48640 2016-03-13] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\NIS.exe [275696 2013-08-16] (Symantec Corporation)
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492664 2017-04-26] (NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492664 2017-04-26] (NVIDIA Corporation)
S4 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
S4 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425592 2017-04-26] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-08] (Electronic Arts)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S4 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4254720 2015-07-29] (A-Volute) [Datei ist nicht signiert]
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.) [Datei ist nicht signiert]
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.) [Datei ist nicht signiert]
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.) [Datei ist nicht signiert]
S4 SNMP; C:\WINDOWS\System32\snmp.exe [51712 2016-03-13] (Microsoft Corporation)
S4 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46080 2016-03-13] (Microsoft Corporation)
S4 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [38272 2017-03-02] (TunnelBear)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-03-28] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AsrDrv10; C:\WINDOWS\SysWOW64\Drivers\AsrDrv10.sys [21328 2017-05-07] (ASRock Incorporation)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-03-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-03-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-22] (Avira Operations GmbH & Co. KG)
S2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-22] (Avira Operations GmbH & Co. KG)
S3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20130814.001\BHDrvx64.sys [1525336 2013-08-13] (Symantec Corporation)
S3 ccSet_NIS; C:\WINDOWS\system32\drivers\NISx64\1500000.064\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-02-24] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-02-24] (Disc Soft Ltd)
R1 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [5975040 2017-05-05] ()
R3 FNETTBOH_305; C:\WINDOWS\System32\drivers\FNETTBOH_305.SYS [32320 2017-05-07] (FNet Co., Ltd.)
R1 FNETURPX; C:\WINDOWS\System32\drivers\FNETURPX.SYS [16648 2017-05-07] (FNet Co., Ltd.)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2015-08-20] (Sony Mobile Communications)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.)
S3 HTCAND64; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [Datei ist nicht signiert]
S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [Datei ist nicht signiert]
S3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20130805.011\IDSVia64.sys [520280 2013-08-06] (Symantec Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-08] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20130814.018\ENG64.SYS [126040 2013-08-14] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20130814.018\EX64.SYS [2100312 2013-08-14] (Symantec Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-04-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47736 2017-04-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-04-26] (NVIDIA Corporation)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [40640 2015-07-29] (Windows (R) Win 7 DDK provider)
S3 SRTSP; C:\WINDOWS\system32\drivers\NISx64\1500000.064\SRTSP64.SYS [854616 2013-07-31] (Symantec Corporation)
S3 SRTSPX; C:\WINDOWS\system32\drivers\NISx64\1500000.064\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [40568 2015-10-03] (SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [45928 2017-01-10] (SteelSeries ApS)
S3 SymDS; C:\WINDOWS\system32\drivers\NISx64\1500000.064\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
S3 SymEFA; C:\WINDOWS\system32\drivers\NISx64\1500000.064\SYMEFA64.SYS [1147480 2013-08-05] (Symantec Corporation)
S3 SymELAM; C:\WINDOWS\system32\drivers\NISx64\1500000.064\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
S3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2017-05-07] (Symantec Corporation)
S3 SymIRON; C:\WINDOWS\system32\drivers\NISx64\1500000.064\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
S3 SymNetS; C:\WINDOWS\system32\drivers\NISx64\1500000.064\SYMNETS.SYS [590424 2013-07-31] (Symantec Corporation)
S3 tapSF0901; C:\WINDOWS\System32\drivers\tapSF0901.sys [39104 2015-07-31] (Spotflux, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; kein ImagePath
S3 taphss6; \SystemRoot\System32\drivers\taphss6.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-08 15:32 - 2017-05-08 15:32 - 00000000 ____D C:\FRST
2017-05-07 22:14 - 2017-05-07 22:17 - 00000000 ____D C:\Program Files (x86)\Intel
2017-05-07 22:14 - 2013-08-05 05:50 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2017-05-07 21:49 - 2017-05-07 21:49 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-07 21:49 - 2017-05-07 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-07 21:49 - 2017-05-07 21:49 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-07 21:49 - 2017-03-22 11:02 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-07 21:48 - 2017-05-07 21:48 - 00069344 _____ (FNet Co., Ltd.) C:\WINDOWS\system32\TurboShell_105.dll
2017-05-07 21:48 - 2017-05-07 21:48 - 00032320 _____ (FNet Co., Ltd.) C:\WINDOWS\system32\Drivers\FNETTBOH_305.SYS
2017-05-07 21:20 - 2017-05-07 21:20 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-05-07 21:20 - 2017-05-07 21:20 - 00008222 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-05-07 21:20 - 2017-05-07 21:20 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-05-07 21:20 - 2013-04-11 13:05 - 19605708 _____ C:\Users\Public\Desktop\H87 Pro4.pdf
2017-05-07 21:19 - 2017-05-07 21:19 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2017-05-07 21:19 - 2017-05-07 21:19 - 00000000 ____D C:\ProgramData\Norton
2017-05-07 21:19 - 2017-05-07 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2017-05-07 21:19 - 2017-05-07 21:19 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2017-05-07 21:18 - 2017-05-07 21:18 - 00000000 ____D C:\ProgramData\NortonInstaller
2017-05-07 21:18 - 2017-05-07 21:18 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2017-05-07 21:17 - 2017-05-07 21:17 - 00000000 ____D C:\Users\Robin\AppData\Local\{D327CEC8-9786-418E-9028-0A8ADFE9790F}
2017-05-07 21:17 - 2017-05-07 21:17 - 00000000 ____D C:\ProgramData\Splashtop
2017-05-07 21:17 - 2017-05-07 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote
2017-05-07 21:17 - 2017-05-07 21:17 - 00000000 ____D C:\Program Files (x86)\Splashtop
2017-05-07 21:16 - 2017-05-07 21:16 - 00001093 _____ C:\Users\Public\Desktop\ASRock SmartConnect.lnk
2017-05-07 21:16 - 2017-05-07 21:16 - 00000000 ____D C:\Program Files\ASRock Utility
2017-05-07 21:15 - 2017-05-07 21:15 - 00021328 _____ (ASRock Incorporation) C:\WINDOWS\SysWOW64\Drivers\AsrDrv10.sys
2017-05-07 21:15 - 2017-05-07 21:15 - 00000000 ____D C:\Users\Robin\AppData\Roaming\FNET
2017-05-07 21:13 - 2017-05-07 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2017-05-07 21:13 - 2017-05-07 21:13 - 00001372 _____ C:\Users\Public\Desktop\ASRock Restart to UEFI.lnk
2017-05-07 21:13 - 2017-05-07 21:13 - 00000000 ____D C:\Program Files (x86)\ASRock Utility
2017-05-07 21:11 - 2017-05-07 21:13 - 00009791 _____ C:\WINDOWS\cFosSpeed_Setup_Log.txt
2017-05-07 21:11 - 2017-05-07 21:11 - 00016648 _____ (FNet Co., Ltd.) C:\WINDOWS\system32\Drivers\FNETURPX.SYS
2017-05-07 21:11 - 2017-05-07 21:11 - 00001958 _____ C:\Users\Public\Desktop\XFast USB.LNK
2017-05-07 21:11 - 2017-05-07 21:11 - 00000000 ____D C:\Users\Robin\AppData\Local\cFos
2017-05-07 21:11 - 2017-05-07 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast USB
2017-05-07 21:11 - 2017-05-07 21:11 - 00000000 ____D C:\ProgramData\FNET
2017-05-07 21:11 - 2017-05-07 21:11 - 00000000 ____D C:\ProgramData\cFos
2017-05-07 21:11 - 2017-05-07 21:11 - 00000000 ____D C:\Program Files (x86)\XFastUSB
2017-05-07 20:58 - 2017-05-07 22:06 - 00022352 _____ (RW-Everything) C:\WINDOWS\SysWOW64\Drivers\AsrSetupDrv.sys
2017-05-07 20:58 - 2017-05-07 20:58 - 00000000 ____D C:\Users\Robin\Downloads\AsrSetup
2017-05-07 20:42 - 2017-05-07 20:46 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-05-07 20:41 - 2017-05-07 21:32 - 00000000 ____D C:\WINDOWS\pss
2017-05-07 15:30 - 2017-05-07 15:30 - 01417994 _____ C:\Users\Robin\Desktop\violine.wav
2017-05-07 12:30 - 2017-05-07 12:30 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsignf3013ce63534c26b
2017-05-07 12:30 - 2017-05-07 12:30 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsignd1e2f0b32f91e2cf
2017-05-07 12:30 - 2017-05-07 12:30 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsign592dc63118f74620
2017-05-06 18:44 - 2017-05-06 18:44 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsignde8fbaec0fa8cf91
2017-05-06 18:39 - 2017-05-06 18:39 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsigne56c95d477a6ffc6
2017-05-06 18:39 - 2017-05-06 18:39 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsignb62ae0f2bdfb5073
2017-05-06 18:39 - 2017-05-06 18:39 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsign5da83ed2a36e2be5
2017-05-06 17:52 - 2017-05-06 17:52 - 00000000 _____ C:\Users\Robin\Desktop\cac.txt
2017-05-05 17:49 - 2017-05-05 17:49 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsigne01c0d548f4885e9
2017-05-05 17:49 - 2017-05-05 17:49 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsignd2cc995fcf5fcfa3
2017-05-05 17:49 - 2017-05-05 17:49 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsign8c0cce38574e4694
2017-05-05 17:48 - 2017-05-05 17:48 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsign68805a7726210e45
2017-05-05 17:36 - 2017-05-05 17:36 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsignc1002575e6b01464
2017-05-05 17:36 - 2017-05-05 17:36 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsign87181dbb57ce1327
2017-05-05 17:36 - 2017-05-05 17:36 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsign615b5ecfc8631316
2017-05-04 17:48 - 2017-05-07 20:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-04 16:57 - 2017-05-04 16:57 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsign20e9ec311a666695
2017-05-04 16:50 - 2017-05-04 16:50 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsigncbbfb618ee4f25fc
2017-05-04 16:49 - 2017-05-04 16:49 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsignc192eb2ade1191b3
2017-05-04 16:49 - 2017-05-04 16:49 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsign8d5183a823c4ee7d
2017-05-04 16:48 - 2017-05-04 16:48 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsignf0e440fd9522c12d
2017-05-04 16:48 - 2017-05-04 16:48 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsigna303589912ba42a2
2017-05-04 16:46 - 2017-05-04 16:46 - 00000000 ____D C:\Users\Robin\AppData\LocalLow\Adobe
2017-05-04 16:45 - 2017-05-04 16:45 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsignc216bad15dfe2e0a
2017-05-04 16:43 - 2017-05-04 16:43 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsignbebfc0a470f2aa87
2017-05-04 16:43 - 2017-05-04 16:43 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsign8829a69dacfd8c60
2017-05-04 16:43 - 2017-05-04 16:43 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsign7571b40898e67104
2017-05-04 14:01 - 2017-05-04 14:01 - 00000000 ___HD C:\adobeTemp
2017-05-04 14:01 - 2017-05-04 14:01 - 00000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2017-05-04 14:00 - 2017-05-04 14:00 - 00003586 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-ROB-Robin
2017-05-04 14:00 - 2017-05-04 14:00 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsignb0b6de9792bc3a9f
2017-05-04 14:00 - 2017-05-04 14:00 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsign8d3689d9a6369e53
2017-05-04 14:00 - 2017-05-04 14:00 - 00000000 ____D C:\Users\Robin\AppData\Local\Tempzxpsign6e1d617d2c943214
2017-05-04 07:52 - 2017-05-04 07:52 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2017-05-04 07:52 - 2017-05-04 07:52 - 00000000 ____D C:\Users\Robin\Documents\Adobe
2017-05-03 21:56 - 2017-05-03 21:56 - 00001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-05-03 21:56 - 2017-05-03 21:56 - 00001290 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2017-05-03 21:28 - 2017-05-03 21:28 - 00317162 _____ C:\Users\Robin\Documents\cc_20170503_212826.reg
2017-05-03 21:25 - 2017-05-03 21:25 - 00000000 ____D C:\Users\Robin\Desktop\Neuer Ordner (2)
2017-05-03 18:47 - 2017-05-03 21:39 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-05-03 18:41 - 2017-05-03 18:42 - 00000000 ____D C:\Users\Robin\Desktop\photoshop
2017-05-03 15:43 - 2017-05-04 07:52 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-05-03 15:38 - 2017-05-03 20:30 - 00000000 ____D C:\Program Files\Adobe
2017-05-03 15:36 - 2017-05-06 13:07 - 00000000 ___RD C:\Users\Robin\Creative Cloud Files
2017-05-03 07:02 - 2017-05-04 07:16 - 00000000 ____D C:\ProgramData\Adobe
2017-05-03 07:01 - 2017-05-03 21:56 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-05-02 19:42 - 2017-05-02 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-01 21:53 - 2017-05-03 18:56 - 00601600 _____ (PainteR) C:\Users\Robin\Desktop\AdobePatcher2017.exe
2017-05-01 21:53 - 2017-05-02 14:27 - 00814168 _____ (Adobe Systems Incorporated) C:\Users\Robin\Desktop\C-Cloud.exe
2017-05-01 21:53 - 2017-04-16 19:13 - 00001477 _____ C:\Users\Robin\Desktop\README.txt
2017-05-01 21:50 - 2017-05-08 15:28 - 00000000 ____D C:\Users\Robin\AppData\Local\Adobe
2017-05-01 21:23 - 2017-05-01 21:23 - 00003266 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-01 20:22 - 2017-05-01 20:22 - 00000000 ___HD C:\Users\Robin\Desktop\.updtmp
2017-05-01 16:49 - 2017-05-01 16:49 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-04-30 22:49 - 2017-04-30 22:49 - 14970599 _____ C:\Users\Robin\Documents\Untitled.gif.mp4
2017-04-29 21:18 - 2017-04-29 21:43 - 00012844 _____ C:\Users\Robin\Desktop\Wunschzettel.odt
2017-04-29 20:02 - 2017-04-29 20:04 - 91904808 _____ C:\Users\Robin\Documents\finish1.mp4
2017-04-29 19:42 - 2017-04-29 19:45 - 106296797 _____ C:\Users\Robin\Documents\finish.mp4
2017-04-29 19:38 - 2017-04-29 19:47 - 00099024 _____ C:\Users\Robin\Desktop\Waka Flocka - No Handz (CRNKN Remix).sfk
2017-04-29 18:39 - 2017-04-29 18:42 - 00066112 _____ C:\Users\Robin\Desktop\thisgoesyt.mp4.sfk
2017-04-29 18:37 - 2017-04-29 18:37 - 248332445 _____ C:\Users\Robin\Desktop\thisgoesyt.mp4
2017-04-29 18:22 - 2017-04-29 18:22 - 00000000 ____D C:\Users\Public\Documents\AKVIS
2017-04-29 18:20 - 2017-04-29 18:20 - 00001063 _____ C:\Users\Public\Desktop\AKVIS Magnifier.lnk
2017-04-29 18:20 - 2017-04-29 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS
2017-04-29 18:20 - 2017-04-29 18:20 - 00000000 ____D C:\Program Files (x86)\AKVIS
2017-04-28 18:24 - 2017-05-07 14:04 - 00000000 ____D C:\Users\Robin\Desktop\fl12samples
2017-04-28 14:47 - 2017-04-28 14:47 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-28 14:47 - 2017-04-28 14:47 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-04-28 14:47 - 2017-04-26 07:37 - 01882232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-04-28 14:47 - 2017-04-26 07:37 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-04-28 14:47 - 2017-04-26 07:37 - 01473144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-04-28 14:47 - 2017-04-26 07:37 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-04-28 14:47 - 2017-04-26 07:37 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-04-28 14:46 - 2017-04-28 14:46 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-28 14:46 - 2017-04-26 07:37 - 00057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-04-28 14:38 - 2017-04-28 14:46 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-28 14:38 - 2017-04-28 14:46 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-28 14:38 - 2017-04-28 14:46 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-28 14:38 - 2017-04-28 14:46 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-28 14:38 - 2017-04-28 14:46 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-28 14:38 - 2017-04-28 14:38 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-04-28 14:38 - 2017-04-26 07:37 - 00153720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-04-28 14:38 - 2017-04-26 07:37 - 00127608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-04-28 14:38 - 2017-04-26 07:03 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-04-27 20:22 - 2017-04-27 20:22 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2017-04-25 21:17 - 2017-04-26 16:29 - 00000000 ____D C:\Users\Robin\Desktop\steam.design
2017-04-25 21:16 - 2017-04-25 21:16 - 00313602 _____ C:\Users\Robin\Desktop\steam.design.zip
2017-04-22 20:18 - 2009-10-24 21:15 - 01332224 _____ (AD © 2009) C:\WINDOWS\SysWOW64\SYNSOEMU.DLL
2017-04-22 18:23 - 2017-04-22 18:23 - 00000000 ____D C:\Users\Robin\AppData\Roaming\Gyazo
2017-04-21 13:31 - 2017-04-21 13:31 - 00000000 ____D C:\Users\Robin\AppData\Local\FACEIT
2017-04-20 16:14 - 2017-04-21 13:48 - 00000000 ____D C:\Program Files (x86)\Gyazo
2017-04-20 16:14 - 2017-04-20 16:14 - 00003496 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2017-04-20 16:14 - 2017-04-20 16:14 - 00003360 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2017-04-20 16:14 - 2017-04-20 16:14 - 00001055 _____ C:\Users\Public\Desktop\Gyazo.lnk
2017-04-20 16:14 - 2017-04-20 16:14 - 00001055 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk
2017-04-20 16:14 - 2017-04-20 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2017-04-18 00:56 - 2017-04-18 00:55 - 00005903 _____ C:\Users\Robin\Desktop\config.zip
2017-04-17 23:47 - 2017-05-05 14:15 - 05975040 _____ C:\WINDOWS\system32\Drivers\FACEIT.sys
2017-04-17 23:47 - 2017-04-24 15:45 - 00000000 ____D C:\Program Files\FACEIT Client
2017-04-17 23:47 - 2017-04-17 23:47 - 00003288 _____ C:\WINDOWS\System32\Tasks\FACEIT Client
2017-04-17 23:47 - 2017-04-17 23:47 - 00000920 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT Client.lnk
2017-04-17 23:47 - 2017-04-17 23:47 - 00000908 _____ C:\Users\Public\Desktop\FACEIT Client.lnk
2017-04-16 16:07 - 2017-04-16 16:08 - 00000000 ____D C:\Users\Robin\Desktop\r 13t t135
2017-04-13 19:08 - 2017-04-22 23:09 - 00000000 ____D C:\Users\Robin\Documents\Trove
2017-04-13 13:38 - 2017-04-13 13:38 - 00000000 ____D C:\Users\Robin\AppData\Roaming\MotioninJoy
2017-04-13 13:38 - 2017-04-13 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2017-04-13 13:38 - 2017-04-13 13:38 - 00000000 ____D C:\Program Files\MotioninJoy
2017-04-13 13:38 - 2011-12-07 19:42 - 00328712 _____ (Logitech Inc.) C:\WINDOWS\system32\MijFrc.dll
2017-04-12 18:15 - 2017-03-28 10:51 - 00602256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-12 18:15 - 2017-03-28 10:50 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-12 18:15 - 2017-03-28 09:53 - 06958304 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 18:15 - 2017-03-28 09:45 - 00958120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 18:15 - 2017-03-28 09:44 - 02944592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 18:15 - 2017-03-28 09:44 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-04-12 18:15 - 2017-03-28 09:41 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-04-12 18:15 - 2017-03-28 09:40 - 05240440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-12 18:15 - 2017-03-28 09:08 - 00546968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-12 18:15 - 2017-03-28 09:08 - 00316248 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 18:15 - 2017-03-28 09:06 - 01522664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 18:15 - 2017-03-28 08:37 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-12 18:15 - 2017-03-28 08:23 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 18:15 - 2017-03-28 08:12 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 18:15 - 2017-03-28 08:06 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2017-04-12 18:15 - 2017-03-28 07:57 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-12 18:15 - 2017-03-28 07:56 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-12 18:15 - 2017-03-28 07:43 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2017-04-12 18:15 - 2017-03-28 07:42 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-12 18:15 - 2017-03-28 07:41 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-04-12 18:15 - 2017-03-28 07:35 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2017-04-12 18:15 - 2017-03-28 07:33 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-12 18:15 - 2017-03-28 07:33 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 18:15 - 2017-03-28 07:18 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-04-12 18:15 - 2017-03-28 07:18 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 18:15 - 2017-03-28 07:11 - 01501696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 18:15 - 2017-03-28 07:08 - 02878976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 18:15 - 2017-03-28 07:04 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-12 18:15 - 2017-03-28 06:47 - 04405248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-04-12 18:15 - 2017-03-28 06:45 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-04-12 18:15 - 2017-03-28 06:41 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-12 18:15 - 2017-03-28 06:13 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-12 18:15 - 2017-03-18 18:41 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-04-12 18:14 - 2017-03-28 12:20 - 00100192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-04-12 18:14 - 2017-03-28 12:18 - 01997840 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 18:14 - 2017-03-28 12:17 - 00800080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 18:14 - 2017-03-28 11:18 - 08710320 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 18:14 - 2017-03-28 11:11 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-04-12 18:14 - 2017-03-28 11:06 - 06604992 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 18:14 - 2017-03-28 11:05 - 06536248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-04-12 18:14 - 2017-03-28 10:59 - 00262400 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-12 18:14 - 2017-03-28 10:52 - 00168360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-12 18:14 - 2017-03-28 10:51 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-12 18:14 - 2017-03-28 10:12 - 00388888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-12 18:14 - 2017-03-28 10:05 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 18:14 - 2017-03-28 09:52 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 18:14 - 2017-03-28 09:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 18:14 - 2017-03-28 09:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 18:14 - 2017-03-28 09:06 - 01370736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-04-12 18:14 - 2017-03-28 09:01 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-04-12 18:14 - 2017-03-28 08:41 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 18:14 - 2017-03-28 08:26 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-12 18:14 - 2017-03-28 08:26 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-12 18:14 - 2017-03-28 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-12 18:14 - 2017-03-28 08:20 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-04-12 18:14 - 2017-03-28 08:17 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 18:14 - 2017-03-28 08:10 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 18:14 - 2017-03-28 08:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-12 18:14 - 2017-03-28 08:05 - 07977984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 18:14 - 2017-03-28 08:01 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2017-04-12 18:14 - 2017-03-28 07:53 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-04-12 18:14 - 2017-03-28 07:47 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-04-12 18:14 - 2017-03-28 07:39 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2017-04-12 18:14 - 2017-03-28 07:32 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2017-04-12 18:14 - 2017-03-28 07:19 - 02911744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 18:14 - 2017-03-18 22:39 - 22560744 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 18:13 - 2017-03-28 12:19 - 00202480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 18:13 - 2017-03-28 12:17 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 18:13 - 2017-03-28 12:14 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 18:13 - 2017-03-28 12:12 - 00061792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-04-12 18:13 - 2017-03-28 11:51 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2017-04-12 18:13 - 2017-03-28 11:12 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 18:13 - 2017-03-28 11:11 - 03698216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 18:13 - 2017-03-28 11:08 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-04-12 18:13 - 2017-03-28 11:05 - 01540216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 18:13 - 2017-03-28 11:05 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-04-12 18:13 - 2017-03-28 11:03 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-04-12 18:13 - 2017-03-28 11:03 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-04-12 18:13 - 2017-03-28 10:30 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 18:13 - 2017-03-28 10:29 - 01986912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 18:13 - 2017-03-28 10:29 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 18:13 - 2017-03-28 10:29 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 18:13 - 2017-03-28 10:28 - 01777792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 18:13 - 2017-03-28 10:28 - 01594928 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-04-12 18:13 - 2017-03-28 09:52 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-04-12 18:13 - 2017-03-28 09:51 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-12 18:13 - 2017-03-28 09:50 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 18:13 - 2017-03-28 09:48 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 18:13 - 2017-03-28 09:42 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 18:13 - 2017-03-28 09:40 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 18:13 - 2017-03-28 09:38 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2017-04-12 18:13 - 2017-03-28 09:37 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 18:13 - 2017-03-28 09:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 18:13 - 2017-03-28 09:31 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-04-12 18:13 - 2017-03-28 09:29 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 18:13 - 2017-03-28 09:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2017-04-12 18:13 - 2017-03-28 09:21 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 18:13 - 2017-03-28 09:20 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-04-12 18:13 - 2017-03-28 09:20 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-04-12 18:13 - 2017-03-28 09:18 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-12 18:13 - 2017-03-28 09:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 18:13 - 2017-03-28 09:17 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 18:13 - 2017-03-28 09:16 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2017-04-12 18:13 - 2017-03-28 09:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 18:13 - 2017-03-28 09:14 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-12 18:13 - 2017-03-28 09:13 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 18:13 - 2017-03-28 09:10 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 18:13 - 2017-03-28 09:09 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-12 18:13 - 2017-03-28 08:56 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2017-04-12 18:13 - 2017-03-28 08:55 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2017-04-12 18:13 - 2017-03-28 08:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 18:13 - 2017-03-28 08:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 18:13 - 2017-03-28 08:53 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 18:13 - 2017-03-28 08:53 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-04-12 18:13 - 2017-03-28 08:51 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 18:13 - 2017-03-28 08:48 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 18:13 - 2017-03-28 08:46 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 18:13 - 2017-03-28 08:44 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2017-04-12 18:13 - 2017-03-28 08:41 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 18:13 - 2017-03-28 08:40 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2017-04-12 18:13 - 2017-03-28 08:21 - 03586048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 18:13 - 2017-03-28 08:19 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 18:13 - 2017-03-28 08:16 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-12 18:13 - 2017-03-28 08:12 - 01729536 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 18:13 - 2017-03-28 08:06 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 18:13 - 2017-03-28 08:01 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-12 18:13 - 2017-03-28 07:56 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-12 18:13 - 2017-03-28 07:55 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-04-12 18:13 - 2017-03-28 07:53 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 18:13 - 2017-03-28 07:44 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-04-12 18:13 - 2017-03-28 07:42 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-04-12 18:13 - 2017-03-28 07:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 18:13 - 2017-03-28 07:41 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 18:13 - 2017-03-28 07:40 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 18:13 - 2017-03-28 07:36 - 04895744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-04-12 18:13 - 2017-03-28 07:36 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 18:13 - 2017-03-28 07:30 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-04-12 18:13 - 2017-03-28 07:29 - 22375424 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 18:13 - 2017-03-28 07:22 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 18:13 - 2017-03-28 07:20 - 24604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 18:13 - 2017-03-28 07:20 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 18:13 - 2017-03-28 07:06 - 07856640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 18:13 - 2017-03-28 07:01 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-04-12 18:13 - 2017-03-28 06:48 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-04-12 18:13 - 2017-03-28 06:46 - 19344896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 18:13 - 2017-03-28 06:45 - 18671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-12 18:13 - 2017-03-28 06:45 - 12134912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 18:13 - 2017-03-28 06:31 - 05670912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-12 18:13 - 2017-03-21 03:36 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-04-11 20:22 - 2017-04-11 20:24 - 00000000 ____D C:\ProgramData\TruckersMP
2017-04-08 20:06 - 2017-04-08 20:06 - 00000000 ____D C:\ProgramData\SYSTEMAX Software Development
2017-04-08 20:05 - 2017-04-08 20:05 - 00000000 ____D C:\Users\Robin\AppData\Roaming\SYSTEMAX Software Development
2017-04-08 20:03 - 2017-04-16 17:26 - 00000000 ____D C:\PaintToolSAI
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-08 15:34 - 2017-01-25 20:29 - 00001220 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-05-08 15:28 - 2016-05-04 17:14 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-08 15:28 - 2015-07-30 17:43 - 00000000 ____D C:\Users\Robin\AppData\Local\NVIDIA Corporation
2017-05-08 15:26 - 2015-07-29 23:00 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-08 15:25 - 2017-01-25 20:29 - 00001216 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-05-08 15:25 - 2016-03-13 13:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-08 15:25 - 2015-10-25 17:42 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-08 15:24 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-05-07 22:16 - 2015-07-29 22:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-07 22:11 - 2015-07-29 22:26 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-05-07 21:49 - 2015-09-11 18:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-07 21:48 - 2015-07-29 22:05 - 00000000 ____D C:\Users\Robin\AppData\Local\VirtualStore
2017-05-07 21:20 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-05-07 21:12 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2017-05-07 21:11 - 2015-09-19 16:52 - 00000000 ____D C:\Users\Robin\AppData\Local\ElevatedDiagnostics
2017-05-07 20:43 - 2017-02-19 20:57 - 00000000 ____D C:\Program Files\OBS
2017-05-07 20:43 - 2017-02-19 20:57 - 00000000 ____D C:\Program Files (x86)\OBS
2017-05-07 20:42 - 2015-07-31 14:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-07 20:41 - 2016-01-09 20:55 - 00000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt
2017-05-07 20:36 - 2016-04-04 16:28 - 00000000 ____D C:\Users\Robin\AppData\Roaming\.minecraft
2017-05-07 20:32 - 2017-01-15 15:30 - 00000000 ____D C:\Program Files (x86)\Image-Line
2017-05-07 20:32 - 2016-03-14 18:19 - 00000000 ____D C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-05-07 20:32 - 2016-03-14 18:19 - 00000000 ____D C:\Program Files\Image-Line
2017-05-07 16:28 - 2016-12-12 20:29 - 00000000 ____D C:\Users\Robin\AppData\LocalLow\Mozilla
2017-05-07 16:28 - 2015-07-29 22:27 - 00002534 _____ C:\Users\Robin\Desktop\Google Chrome.lnk
2017-05-07 15:33 - 2015-08-28 22:41 - 00000000 ____D C:\Users\Robin\AppData\Roaming\Audacity
2017-05-07 15:30 - 2015-12-30 21:45 - 00000000 ____D C:\Users\Robin\AppData\Local\CrashDumps
2017-05-07 14:28 - 2016-05-21 21:51 - 00000000 ____D C:\Users\Robin\AppData\Roaming\uTorrent
2017-05-07 10:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-07 00:32 - 2016-10-02 21:56 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-05-07 00:22 - 2016-01-24 00:31 - 00000000 ____D C:\Users\Robin\AppData\Roaming\TS3Client
2017-05-06 13:13 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-05 22:23 - 2016-02-26 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-05-05 22:23 - 2015-07-30 18:06 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-05 17:57 - 2017-01-18 21:25 - 00000000 ____D C:\Users\Robin\Desktop\Bilder
2017-05-04 22:14 - 2016-03-13 12:54 - 00000000 ____D C:\Users\Robin
2017-05-04 14:14 - 2015-07-30 17:16 - 00000000 ____D C:\Users\Robin\AppData\Roaming\Adobe
2017-05-03 21:19 - 2015-07-30 17:16 - 00000000 ____D C:\Users\Robin\AppData\Local\Packages
2017-05-03 21:18 - 2016-11-01 15:04 - 00000000 ____D C:\Users\Robin\Minecraft Note Block Studio
2017-05-03 19:21 - 2016-05-13 15:36 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-05-03 18:44 - 2016-02-16 15:34 - 00000000 ____D C:\temp
2017-05-03 15:39 - 2016-03-13 12:51 - 02103176 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-03 15:39 - 2015-10-30 20:35 - 00895618 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-03 15:39 - 2015-10-30 20:35 - 00199306 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-02 21:17 - 2015-11-15 17:53 - 00000000 ____D C:\ProgramData\TEMP
2017-05-02 19:43 - 2017-01-25 20:29 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-05-02 16:58 - 2016-04-26 16:25 - 00000000 ____D C:\Users\Robin\AppData\Roaming\steelseries-engine-3-client
2017-05-01 21:23 - 2015-07-30 17:20 - 00002420 _____ C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-01 21:23 - 2015-07-30 17:20 - 00000000 ___RD C:\Users\Robin\OneDrive
2017-05-01 15:45 - 2016-07-09 13:59 - 00000000 ____D C:\Users\Robin\AppData\Roaming\OBS
2017-04-29 18:19 - 2015-11-15 17:52 - 00000000 ____D C:\Users\Robin\AppData\Local\Downloaded Installations
2017-04-29 16:44 - 2016-09-20 21:45 - 00000000 ____D C:\Users\Robin\AppData\Local\Spotify
2017-04-29 16:44 - 2016-09-20 21:42 - 00000000 ____D C:\Users\Robin\AppData\Roaming\Spotify
2017-04-29 12:45 - 2015-08-12 14:39 - 00000000 ____D C:\Users\Robin\Powersaves3DS
2017-04-28 18:24 - 2017-02-20 19:56 - 00000000 ____D C:\Users\Robin\Desktop\fl12
2017-04-28 14:48 - 2016-03-13 12:48 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-28 14:47 - 2017-02-08 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-04-28 14:47 - 2016-03-13 12:48 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-28 14:47 - 2016-03-13 12:48 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-28 14:47 - 2015-07-30 15:16 - 00000000 ____D C:\Users\Robin\AppData\Local\NVIDIA
2017-04-28 14:43 - 2016-03-13 12:44 - 00307936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-27 21:54 - 2015-07-29 22:27 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-27 21:54 - 2015-07-29 22:27 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-27 20:22 - 2017-01-15 15:34 - 00000575 _____ C:\Users\Robin\Desktop\FL Studio 12 (64bit).lnk
2017-04-27 20:22 - 2017-01-15 15:34 - 00000563 _____ C:\Users\Robin\Desktop\FL Studio 12.lnk
2017-04-26 21:48 - 2016-07-28 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Replay PowerSaves 3DS
2017-04-26 21:48 - 2016-07-28 14:26 - 00000000 ____D C:\Program Files (x86)\Action Replay PowerSaves 3DS
2017-04-26 07:37 - 2016-01-23 18:22 - 00047736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-04-25 20:10 - 2016-08-29 21:14 - 00562728 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-04-18 12:24 - 2017-01-25 20:37 - 00000000 ___RD C:\Users\Robin\Dropbox
2017-04-18 12:23 - 2017-03-12 19:25 - 00000000 ____D C:\Users\Robin\AppData\Roaming\TunnelBear
2017-04-17 23:56 - 2017-03-12 19:25 - 00000000 ____D C:\Program Files (x86)\TunnelBear
2017-04-16 12:57 - 2016-12-20 21:59 - 00000000 ____D C:\Users\Robin\AppData\Roaming\discord
2017-04-15 22:04 - 2017-01-25 20:04 - 07374416 _____ C:\Users\Robin\Desktop\Faithful Custom.rar
2017-04-15 20:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2017-04-15 00:01 - 2015-07-30 17:25 - 00000000 ____D C:\Users\Robin\AppData\Roaming\Skype
2017-04-14 18:26 - 2015-08-03 21:45 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-04-14 18:26 - 2015-08-03 21:44 - 00000000 ____D C:\Program Files\Rockstar Games
2017-04-14 12:41 - 2015-07-30 17:17 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-14 01:11 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-14 01:10 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-14 01:10 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-14 01:10 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2017-04-14 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-14 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-14 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-14 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-13 14:05 - 2015-12-01 14:56 - 00000000 ____D C:\Users\Robin\AppData\Local\Ubisoft Game Launcher
2017-04-12 18:23 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-12 18:23 - 2015-07-30 02:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 18:20 - 2015-07-30 02:00 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-12 16:58 - 2016-08-26 22:24 - 00000000 ____D C:\Users\Robin\AppData\Roaming\Curse Client
2017-04-12 11:31 - 2016-01-24 14:32 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-04-11 22:13 - 2016-04-14 21:16 - 00000000 ____D C:\WINDOWS\Panther
2017-04-11 22:10 - 2016-12-03 00:15 - 00000000 ___HD C:\$WINDOWS.~BT
2017-04-11 20:47 - 2016-11-21 20:27 - 00000000 ____D C:\Users\Robin\Documents\Euro Truck Simulator 2
2017-04-11 20:27 - 2016-11-22 17:51 - 00000000 ____D C:\Users\Robin\Documents\ETS2MP
2017-04-11 20:21 - 2016-11-22 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP
2017-04-11 20:21 - 2016-11-22 17:51 - 00000000 ____D C:\Program Files\TruckersMP
2017-04-09 01:13 - 2015-07-30 19:08 - 00000000 ____D C:\ProgramData\Oracle
2017-04-09 01:11 - 2016-05-29 16:07 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-04-09 01:11 - 2016-05-29 16:07 - 00000000 ____D C:\Program Files (x86)\Java
2017-04-09 01:11 - 2016-05-28 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-10-23 17:16 - 2016-10-23 17:16 - 0000063 _____ () C:\Users\Robin\AppData\Local\emaildefaults
2016-10-23 17:15 - 2016-10-23 17:23 - 0021093 _____ () C:\Users\Robin\AppData\Local\kritarc
2016-05-22 18:35 - 2016-06-22 16:58 - 0007635 _____ () C:\Users\Robin\AppData\Local\Resmon.ResmonCfg
2017-01-23 12:02 - 2016-11-23 15:37 - 0000570 _____ () C:\Users\Robin\AppData\Local\TroubleshooterConfig.json
Einige Dateien in TEMP:
====================
2016-03-13 13:17 - 2017-05-08 15:26 - 0619840 _____ () C:\Users\Robin\AppData\Local\Temp\0Kraken0502DevProps.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-03 16:15
==================== Ende von FRST.txt ============================
|
|
08.05.2017, 14:53
| #4 |
| | Windows Netzwerk/Sound "deaktiviert" nach Abgesicherten Modus wegen "Launchpage"Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-05-2017
durchgeführt von Robin (08-05-2017 15:35:12)
Gestartet von F:\
Windows 10 Home Version 1511 (X64) (2016-03-13 11:13:43)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3100462663-2090829469-4100536388-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3100462663-2090829469-4100536388-503 - Limited - Disabled)
Gast (S-1-5-21-3100462663-2090829469-4100536388-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3100462663-2090829469-4100536388-1002 - Limited - Enabled)
Robin (S-1-5-21-3100462663-2090829469-4100536388-1000 - Administrator - Enabled) => C:\Users\Robin
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.0.1.188 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
AKVIS Magnifier (HKLM\...\{9FDD51C9-F7AA-40AF-A4FF-0500E45E4A06}) (Version: 9.1.1201.14841 - AKVIS)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version: - ASRock Inc.)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal)
AutoHotkey 1.1.22.06 (HKLM-x32\...\AutoHotkey) (Version: 1.1.22.06 - Lexikos)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.26.48 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{897e4d08-9554-48e9-ba07-ce6040867fa3}) (Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG) Hidden
Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 70er, 80er & 90er Accessoires (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
Die Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Discord (HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 25.4.28 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.65.1 - Dropbox, Inc.) Hidden
FACEIT Client version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
FileZilla Client 3.17.0 (HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\FileZilla Client) (Version: 3.17.0 - Tim Kosse)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
Gyazo 3.3.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
LibreCAD (HKLM-x32\...\LibreCAD) (Version: 2.1.3 - LibreCAD Team)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.0.0.100 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.5.0.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.76 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.5.0.76 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{0aee613f-351b-441e-9d78-506783c1b2ee}) (Version: latest - ppy Pty Ltd)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.18 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28549 - Razer Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0360 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.5.0.76 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.10 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}) (Version: 2.3.0.2 - Splashtop Inc.)
Splashtop Streamer (x32 Version: 2.3.0.2 - Splashtop Inc.) Hidden
Spotify (HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\Spotify) (Version: 1.0.52.725.g943b26a8 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.8.5 (HKLM\...\SteelSeries Engine 3) (Version: 3.8.5 - SteelSeries ApS)
TeamSpeak 3 Client (HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
TunnelBear (HKLM-x32\...\{43d0e9f8-e35b-4e1e-94e7-1534c305dea4}) (Version: 3.0.35.4 - TunnelBear)
TunnelBear (x32 Version: 3.0.35.4 - TunnelBear) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\WhatsApp) (Version: 0.2.1061 - WhatsApp)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.38 - ASRock Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-AE0B88DD7563}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {052B72CF-627B-4A2B-BEEC-361F2763AE7B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {096C9B63-EC70-4D95-B23F-9DC0368C3D58} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {0A839F92-3204-4E0A-8417-41CE3D59354D} - System32\Tasks\AdobeAAMUpdater-1.0-ROB-Robin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {0B0A3F99-5BBE-4C4F-89C5-F0329A424D12} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {0BF4C5E3-6605-4FF8-A7A7-5C5F072744A1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation)
Task: {0CDE1096-6623-49D6-AD97-525D1396F0AD} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {0D75E573-8875-405B-B2FC-DB69AAE8F770} - System32\Tasks\FACEIT Client => C:\Program Files\FACEIT Client\faceitclient.exe [2017-04-24] ()
Task: {14F060BB-F0C5-4CC3-A93F-26DD36A884B3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1F2D61E8-A1A4-4EE5-BD17-1A593DB382F1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-01-25] (Dropbox, Inc.)
Task: {2652F6FE-6EBB-4ECA-81EE-053B1530C4C1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {39DA6BE5-0759-469D-9FD1-EDA6CA3051A7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation)
Task: {3C25FECA-7600-469A-972F-CD8A5FA612EC} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation)
Task: {3FEE1EA9-7417-43D8-9FA0-0A3D1CDD546A} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
Task: {4115C777-A957-41AD-B1AE-4DA60F2C9516} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {45AF971C-3F4B-4210-B61A-1703332DE7EF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {4B576BAC-6199-4E48-9E89-0195F97F7AE0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {4DBD2107-782E-4D81-8A6C-366F65C1E5E1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {5119B132-0680-4DCD-A1C5-F4515A82114A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {51ACED34-9B04-47A1-8E57-C9D184FC3B81} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {56B0D837-196B-4B94-BA03-740889CDAC09} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-04-26] (NVIDIA Corporation)
Task: {5AAD202E-8BCA-42C9-8A33-86DE467DF08D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-01-25] (Dropbox, Inc.)
Task: {612BDCE6-3A6C-4BD5-910C-3A5B71F4975A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {68413430-F63F-4638-9FAB-2DA30FAC6C37} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe [2016-10-02] (Adobe Systems Incorporated)
Task: {6CB24C9B-6FC6-46C6-9BCA-76E11EA8C25C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {72306A13-F888-4A43-B62F-E346D2A93934} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {76B9D1C6-A916-4206-A1F1-69B257EB6230} - System32\Tasks\{D3259AB9-2A88-4D8B-8C8D-5DE694F3EAF6} => pcalua.exe -a C:\ProgramData\SecurityUtility\uninstall.exe
Task: {7B9242F8-B926-4851-8B11-5608F3E9E3EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-02] (Google Inc.)
Task: {7BFEE754-B044-466E-AD29-D9814F1D00D4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {7CEC9ED3-CE88-4959-90D9-5A8FFB9ABEA0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {8456BA37-FA7A-436F-8C01-7275AA071B4D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {93B56DC6-BCF9-49B0-8E3E-C361C7DB7024} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {97A27BC6-A1AF-4494-ABB1-EF6E2ED97606} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-03-28] ()
Task: {A0471411-CA0D-4EEC-9AEE-ECFB84AAEDA7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {A26DDCE2-967D-4231-8797-09242F8BAEEE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-02] (Google Inc.)
Task: {A3B796D4-6209-442C-A01A-93D868C81586} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-03-28] ()
Task: {A81945B5-8E96-4CD6-9F16-73B71610AD12} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {BCA2BFE7-2951-4786-AC34-8AA6CFB343DC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {C0D8D5AD-E4FD-4189-AFD6-E9C432186F04} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C41D0AAA-7673-452A-A5C2-7F038CFC6CE8} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {C56ADC03-AC0D-4E54-9FAF-04C8E2475612} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C9E3584A-E43B-4E89-86B6-19487D5D3F3E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation)
Task: {CB3D457B-FFC2-46B4-981C-79C9E29F0727} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {D776D73F-0310-4DB9-86F8-B314D82F532A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {E14026D6-8CD2-4CF3-916E-DDBD2DBAE86C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-04-26] (NVIDIA Corporation)
Task: {F2273CBF-39FB-4D64-90FE-73624B6DB09E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-04-26] (NVIDIA Corporation)
Task: {F5C5D132-E7A5-45B7-819A-928BE5023CC2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-04-12] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Robin\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxps://launchpage.org/?uid=oTlKGGjMhxpsXWEz4kwaKFfc2cmHTnD%2FOCT0TPwc5I%2BhCpUWdAVzqhGvEN0cl9iQAyc%3D
ShortcutWithArgument: C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxps://launchpage.org/?uid=oTlKGGjMhxpsXWEz4kwaKFfc2cmHTnD%2FOCT0TPwc5I%2BhCpUWdAVzqhGvEN0cl9iQAyc%3D
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-03-15 17:50 - 2017-03-04 07:31 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-07 21:49 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-12 18:13 - 2017-03-28 12:17 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 18:13 - 2017-03-28 12:17 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-03-13 12:40 - 2016-03-13 12:40 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 21:47 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2017-03-15 17:49 - 2017-03-04 05:19 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 17:50 - 2017-03-04 05:14 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-04-12 18:13 - 2017-03-28 07:01 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 18:13 - 2017-03-28 07:04 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-04-28 14:38 - 2017-04-26 07:37 - 01147512 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-03-13 13:17 - 2017-05-08 15:26 - 00619840 _____ () C:\Users\Robin\AppData\Local\Temp\0Kraken0502DevProps.dll
2017-01-25 20:07 - 2017-01-25 20:07 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-01-25 20:07 - 2017-01-25 20:07 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-01-25 20:06 - 2017-01-25 20:06 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-01-25 20:07 - 2017-01-25 20:07 - 00125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-03-14 08:35 - 2017-03-14 08:35 - 00099416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-01-25 20:07 - 2017-01-25 20:07 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-04-28 14:47 - 2017-04-26 07:37 - 65709176 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:31D9EFCC [128]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7865 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\Control Panel\Desktop\\Wallpaper -> c:\users\robin\documents\night_mountains_slopes_trees_4753_2560x1440 (1).jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Dienst läuft nicht.
MpsSvc => Firewall Dienst läuft nicht.
bfe => Firewall Dienst läuft nicht.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AJRouter => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AntiVirMailService => 2
MSCONFIG\Services: AntiVirSchedulerService => 2
MSCONFIG\Services: AntiVirService => 2
MSCONFIG\Services: AntiVirWebService => 2
MSCONFIG\Services: AppHostSvc => 2
MSCONFIG\Services: AppReadiness => 3
MSCONFIG\Services: aspnet_state => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: Audiosrv => 2
MSCONFIG\Services: Avira.ServiceHost => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdPlusAndroidSvc => 3
MSCONFIG\Services: BthHFSrv => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: c2wts => 3
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: DcpSvc => 3
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: DeviceAssociationService => 2
MSCONFIG\Services: DeviceInstall => 3
MSCONFIG\Services: DevQueryBroker => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: diagnosticshub.standardcollector.service => 3
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: DmEnrollmentSvc => 3
MSCONFIG\Services: dmwappushservice => 3
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: DoSvc => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: DsmSvc => 3
MSCONFIG\Services: DsSvc => 3
MSCONFIG\Services: Eaphost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: EventLog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: fhsvc => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: icssvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: IKEEXT => 3
MSCONFIG\Services: Intel(R) PROSet Monitoring Service => 2
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: iprip => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: LicenseManager => 3
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 3
MSCONFIG\Services: LPDSVC => 2
MSCONFIG\Services: MapsBroker => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: MSMQ => 2
MSCONFIG\Services: NcaSvc => 3
MSCONFIG\Services: NcbService => 3
MSCONFIG\Services: NcdAutoSetup => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: NetMsmqActivator => 2
MSCONFIG\Services: NetPipeActivator => 2
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NetSetupSvc => 3
MSCONFIG\Services: NetTcpActivator => 2
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PassThru Service => 2
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: PhoneSvc => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PlugPlay => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: PrintNotify => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: RetailDemo => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: RzSurroundVADStreamingService => 2
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: ScDeviceEnum => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensorDataService => 3
MSCONFIG\Services: SensorService => 3
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: simptcp => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: smphost => 3
MSCONFIG\Services: SmsRouter => 3
MSCONFIG\Services: SNMP => 2
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: StorSvc => 3
MSCONFIG\Services: svsvc => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: TieringEngineService => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: TunnelBearMaintenance => 2
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UsoSvc => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: vmicguestinterface => 3
MSCONFIG\Services: vmicheartbeat => 3
MSCONFIG\Services: vmickvpexchange => 3
MSCONFIG\Services: vmicrdv => 3
MSCONFIG\Services: vmicshutdown => 3
MSCONFIG\Services: vmictimesync => 3
MSCONFIG\Services: vmicvmsession => 3
MSCONFIG\Services: vmicvss => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: w3logsvc => 3
MSCONFIG\Services: W3SVC => 2
MSCONFIG\Services: WalletService => 3
MSCONFIG\Services: WAS => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 2
MSCONFIG\Services: Wcmsvc => 2
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: WEPHOSTSVC => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WiaRpc => 3
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: WlanSvc => 2
MSCONFIG\Services: wlidsvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: workfolderssvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 3
MSCONFIG\Services: wudfsvc => 3
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\Services: XblAuthManager => 3
MSCONFIG\Services: XblGameSave => 3
MSCONFIG\Services: XboxNetApiSvc => 3
HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3100462663-2090829469-4100536388-1000\...\StartupApproved\Run: => "TunnelBear"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{EE11476D-11CF-4522-8327-D1035C9E27B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{B35CF3BF-F85D-4770-9488-AD32711201EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{CCE9F3B6-3A72-4C4D-9B45-42DAE49DFCD2}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{E75E8AA0-B134-47E7-B587-BD6456FC7243}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D6ED8FDB-B805-49D0-BA17-C33CB1139B24}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{A8914B36-FC36-4B4F-9828-1C4CBD58C4B4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{01F626CF-5F96-4C54-95C4-8B1B067462F9}] => (Allow) G:\GTAV\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{E0E88717-2B02-40D0-BE57-04199CD7317F}] => (Allow) G:\GTAV\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{32DD7B8B-1480-4510-A0D7-97DC856C99C4}] => (Allow) G:\GTAV\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{53665473-0442-49B6-8FF5-220A90557063}] => (Allow) G:\GTAV\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{1FCD0DD2-4E8D-4E98-8935-D882BB7A1D0A}] => (Allow) G:\GTAV\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{331E47F1-EDC5-45F3-9B47-C2C8A3B350AD}] => (Allow) G:\GTAV\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{3E0CBA18-8603-4081-BE21-CEC4DF6C5B9F}] => (Allow) G:\GTAV\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{7B946FA7-401C-47FB-8F13-0E8CEAD038AF}] => (Allow) G:\GTAV\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [UDP Query User{AB58FFBC-3D3A-4F2D-9200-49C8E1185F2C}G:\gtav\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\gtav\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{C15D8501-C2E4-44BD-B8E8-CE63B5CE09B4}G:\gtav\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\gtav\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{6C5F21B2-ABB2-4422-B70D-C6A18E46BE4C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{38062104-0AFF-42FD-AEEF-84BF70B268E0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D6219DA0-DB1F-48FC-A521-DF8D67F6FDBA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A0756BB1-9BFC-4496-AA0F-67CF460BA4F8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D0CD7584-C15C-4E6C-8171-7FDFCF629756}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7DF564D6-12B0-4F69-A5A7-16DC6AAC0851}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{72AE259E-EFE6-4470-84BB-02202F0A9C7B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BCE4BDEC-1930-4EAE-97CC-7033C9B35B06}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{02EE77C3-A79F-4362-8F4E-A799844557EF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1025334C-59AB-4D9A-BCDF-41DD468BC476}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E220E5C7-787C-46F9-A346-9CD8E54C8E94}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BF02A750-1719-4406-9B11-402B95F64F07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E87451A8-CBF7-4E8C-A684-B08915D81E3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4115F026-843D-47A0-B141-299A43630B9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{89938E94-4808-47F2-8E82-91E4EF40F5BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{B6B9B514-9E08-48E1-8D98-9AA6E0D601F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{71AB168C-E65F-41A0-BFF8-F315D8D32F98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{EFE4DFE0-E9F5-4CD8-B75F-361D67987775}] => (Allow) C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{7262A1F0-1225-4DB4-93C8-647E48A9843C}C:\program files (x86)\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{DCC433D1-3F44-476A-A2DA-CD50E226DD57}C:\program files (x86)\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{06453FE5-1505-4AF4-9A3C-94BDB3A93A4C}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{12E0D490-F8DD-45B6-A5CC-FAD48C9B5E66}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{27298D15-AA6D-40D0-8555-8FFB57EC7085}C:\users\robin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A7448383-9B53-402A-8DBF-A5085A46F779}C:\users\robin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6FD168AC-A339-4A04-A082-B433EDA25D59}C:\users\robin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B8971B31-F52A-453E-B478-FF342DED642A}C:\users\robin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2679D5E5-4113-4BF9-AF5D-1C39A666B720}] => (Allow) G:\GTAV\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{DB388CC6-B6ED-47F8-8717-9A4B32D97406}] => (Allow) G:\GTAV\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{D5EBB1A2-2D55-41B0-A2A5-2231F168B5BB}] => (Allow) G:\Neuer Ordner\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{F5B2671E-553B-43C4-95C5-8B6F9D67563D}] => (Allow) G:\Neuer Ordner\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{2697D074-39A4-4EAF-B8CD-18B21E307235}] => (Allow) G:\Neuer Ordner\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{BB649474-ED1E-48EC-BF0B-9F71C6A8A79A}] => (Allow) G:\Neuer Ordner\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{1B2D14ED-707A-44A0-B1FD-F93D2258C14F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{22B4DC63-768C-4291-B691-AF8BE1504B67}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D86FB8A1-C16D-40C1-B713-A391E4AB73BB}] => (Allow) G:\GTAV\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{DBF8F2F2-8238-4847-ABFD-35ED588CC3ED}] => (Allow) G:\GTAV\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{0E2B9E4C-6E0A-4417-8C76-B00E7D32EF2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{4AE8252E-1E6C-4CA1-9B79-C0A426EEAEBA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{89AEADD0-0E6C-4983-80DF-F9ECDA4272ED}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/07/2017 10:02:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.
Details:
Could not query the status of the EventSystem service.
System Error:
Der Computer wird heruntergefahren.
.
Error: (05/07/2017 09:13:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROB)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/07/2017 09:07:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROB)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/07/2017 08:41:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROB)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/07/2017 03:49:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (05/07/2017 03:30:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FL64.exe, Version: 1.1.5.0, Zeitstempel: 0x546a5756
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.672, Zeitstempel: 0x580ee321
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x3520
Startzeit der fehlerhaften Anwendung: 0x01d2c7319979072b
Pfad der fehlerhaften Anwendung: D:\FL12\FL64.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 1a6437d5-cf4b-471d-8984-02ff865c7881
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/06/2017 03:49:03 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (05/06/2017 01:38:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service NVIDIA Streamer Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (05/06/2017 01:38:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service NVIDIA Streamer Network Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (05/06/2017 01:38:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service CyberGhost 6 Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Systemfehler:
=============
Error: (05/07/2017 09:41:50 PM) (Source: DCOM) (EventID: 10005) (User: ROB)
Description: Fehler "1068" in DCOM, als der Dienst "netprofm" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{A47979D2-C419-11D9-A5B4-001185AD2B89}
Error: (05/07/2017 09:41:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (05/07/2017 09:41:08 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1068" in DCOM, als der Dienst "netprofm" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{A47979D2-C419-11D9-A5B4-001185AD2B89}
Error: (05/07/2017 09:41:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (05/07/2017 09:40:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Norton Internet Security" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (05/07/2017 09:40:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NIS erreicht.
Error: (05/07/2017 09:39:47 PM) (Source: DCOM) (EventID: 10005) (User: ROB)
Description: Fehler "1068" in DCOM, als der Dienst "netprofm" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{A47979D2-C419-11D9-A5B4-001185AD2B89}
Error: (05/07/2017 09:39:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (05/07/2017 09:39:47 PM) (Source: DCOM) (EventID: 10005) (User: ROB)
Description: Fehler "1068" in DCOM, als der Dienst "netprofm" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{A47979D2-C419-11D9-A5B4-001185AD2B89}
Error: (05/07/2017 09:39:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
CodeIntegrity:
===================================
Date: 2017-05-03 18:59:56.096
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-04-15 14:00:25.255
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-04-14 12:40:53.085
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-04-13 13:07:54.055
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-21 19:57:58.193
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-20 20:36:21.963
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-19 14:10:32.189
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-16 16:27:39.946
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-02-23 16:15:55.156
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-13 13:38:25.887
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 8111.08 MB
Verfügbarer physikalischer RAM: 6725.98 MB
Summe virtueller Speicher: 16303.08 MB
Verfügbarer virtueller Speicher: 14996.71 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:292.97 GB) (Free:64.01 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: () (Fixed) (Total:341.8 GB) (Free:230.31 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (ASUS PCE-N15) (CDROM) (Total:0.2 GB) (Free:0 GB) CDFS
Drive f: (KINGSTON) (Removable) (Total:0.47 GB) (Free:0.41 GB) FAT
Drive g: (Volume) (Fixed) (Total:296.74 GB) (Free:88.92 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E868FE63)
Partition 1: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=341.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=296.7 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 478.8 MB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
09.05.2017, 17:25
| #5 |
| /// Malwareteam | Windows Netzwerk/Sound "deaktiviert" nach Abgesicherten Modus wegen "Launchpage" Also da stimmen sehr viele Sachen nicht mit deinen Diensten, hast du die alle händisch auf manuell gestellt oder deaktiviert? Dein Windows 10 ist auch veraltet - bitte führe deshalb ein Upgrade durch: Lade den Windows 10 Update Assistenten herunter und folge den entsprechenden Anweisungen. https://go.microsoft.com/fwlink/?linkid=846364
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~  Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
10.05.2017, 16:19
| #6 |
| | Windows Netzwerk/Sound "deaktiviert" nach Abgesicherten Modus wegen "Launchpage" Nun, dass Problem ist gelöst.. Irgendwie war Windows "fehlerhaft" installiert, laut Kumpel (Diesmal einer der sich auskennt). Also eine Systemwiederherstellung hat funkioniert. Also..kein böser Virus, nur eine böses Windoof. Und irgendwelche launchpage Teile. Naja, die sind jetzt weg  LG & Danke für die Hilfe |
|
11.05.2017, 01:10
| #7 |
| /// Malwareteam | Windows Netzwerk/Sound "deaktiviert" nach Abgesicherten Modus wegen "Launchpage" Habt ihr neu aufgesetzt oder nur ein Wiederherstellungspunkt? Wenn zweites, poste bitte neue Logfiles, um zu schauen, dass keine reste geblieben sind Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
| Themen zu Windows Netzwerk/Sound "deaktiviert" nach Abgesicherten Modus wegen "Launchpage" |
| abgesicherten, ahnung, deaktiviert, deinstallieren, eingefangen, gen, gestartet, guten, interne, komplett, kriege, lan, launch, logfile, länger, lösung, malwarebytes, modus, morgen, netzwerk-/internetverbindung., programme, relativ, sound, thread, treiber, verschwunden, windows |
Linear-Darstellung
